health care | Software Associates.

Anatonme – a hand held device for improving patient-doctor communications

Posted in: Technology|Tags: Control Policy, health care, medical devices, private networking, Social Networking|By: Danny Lieberman|January 21, 2012No Comments

From a recent article in Healthcare Global. Studies suggest that 30-50 percent of patients are likely to give up treatments early. Microsoft Research has developed an innovative, hand-held medical device called Anatonme to help patients understand their issue and complete their treatment plan more often. We’ve been doing research and development into private, controlled social …

Build your security portfolio on attack scenarios

Posted in: Information security|Tags: credit cards, health care, HIPAA, Information security, medical devices, PCI DSS 2.0|By: Danny Lieberman|January 21, 20121 Comment

In our experience, building a security portfolio on attack scenarios has 2 clear benefits; A robust, cost-effective security portfolio based on attack analysis results in robust compliance over time. Executives related well to the concepts of threat modeling / attack analysis. Competing, understanding the value of their assets, taking risks and protecting themselves from attackers …

Problems in current Electronic Health Record systems

Posted in: Compliance|Tags: EMR, health, health care, Healthy living, HIPAA, Information security|By: Danny Lieberman|December 7, 20111 Comment

Software Associates specializes in helping medical device and healthcare technology vendors achieve HIPAA compliance and improve the data and software security of their products in hospital and mobile environments. As I noted here and here, the security and compliance industry is no different from other industries in having fashion and trends. Two years ago, PHR (Personal …

Healthcare data interoperability pain

Posted in: Information security, Privacy|Tags: Data classification, EMR, health care, HIPAA, Obama|By: Danny Lieberman|November 28, 20111 Comment

Data without interoperability = pain. What is happening in the US healthcare space is fascinating as stimulus funds (or what they call in the Middle East – “baksheesh”) are being paid to doctors to acquire an Electronic Health Records system that has “meaningful use”. The term “meaningful use” is vaguely defined in the stimulus bill …

Threats on personal health information

Posted in: Data leakage, Privacy, Risk Assessment, Threat modeling|Tags: ethics, health care, HIPAA|By: Danny Lieberman|March 23, 2011No Comments

A recent HIPAA violation in Canada where an imaging technician accessed the medical records of her ex-husband’s girlfriend comes as no surprise to me. Data leakage of ePHI in hospitals is rampant simply because a) there is a lot of it floating around and b) because of human nature. Humans being naturally curious, sometimes vindictive and always …

Research data integrity

Posted in: Privacy|Tags: data security, health, health care, Risk management|By: Danny Lieberman|September 3, 2009No Comments

I usually write about best practices and practical tools to prevent data theft, data loss and data leakage – since our professional services focus on data security in Central and Eastern Europe. Data security is, I guess a sub-specialty of security and compliance. Security is chartered with ensuring the survival of a business and protecting …

Archives